CVE-2008-4374
published 2008-10-01CVE-2008-4374: SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action.
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.00%
58.5th percentile
SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
CMS Buzz - 'id' SQL Injection
exploitdb·2008-09-09
CVE-2008-4374 CMS Buzz - 'id' SQL Injection
CMS Buzz - 'id' SQL Injection
---
#################################################################################################
#################################### proud to be muslim ######################################
### ###
### rEm0te sql injction VulnErability ###
### ###
### (cmsbuzz script) ###
### ###
#################################################################################################
#################################################################################################
### ###
### AuTh0r : security fears team ###
### ###
### Home : WwW.alsonaa.com ###
### ###
### members: HeB4RieH , germaya_x ###
### ###
#################################################################################################
################################################
Exploit-DB
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
exploitdb·2008-08-26
CVE-2008-3704 Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow
---
Microsoft Visual Studio (Msmask32.ocx) ActiveX Remote Buffer Overflow Exploit
Author: Koshi
Original POC: http://www.milw0rm.com/exploits/6244 ( Not by me )
My first ActiveX exploit, learned quite a bit playing with this one.
Heaps are handy.
#################################################
Loaded File: C:\WINDOWS\system32\MSMASK32.OCX
Name: MSMask
Version: 1.1
Class MaskEdBox
GUID: {C932BA85-4374-101B-A56C-00AA003668DC}
Number of Interfaces: 1
Default Interface: IMSMask
RegKey Safe for Script: False
RegKey Safe for Init: True
KillBitSet: False
#################################################
gr33tz: Rima my baby, str0ke, mess, and to all of those who have helped me over the years!
function doIt()
{
var
No writeups or analysis indexed.
http://secunia.com/advisories/31817http://securityreason.com/securityalert/4333http://www.securityfocus.com/bid/31097https://exchange.xforce.ibmcloud.com/vulnerabilities/45014https://www.exploit-db.com/exploits/6408http://secunia.com/advisories/31817http://securityreason.com/securityalert/4333http://www.securityfocus.com/bid/31097https://exchange.xforce.ibmcloud.com/vulnerabilities/45014https://www.exploit-db.com/exploits/6408
2008-10-01
Published